Privacy Policy
Find our cookie policy here: Cookie Policy
Last Updated and Effective Date: February, 2024
WE CARE ABOUT YOUR PRIVACY
This privacy policy (“Privacy Policy”) describes the policies and procedures of OnRoute Global, LLC, dba OnRoute and OnRoute Global (sometimes referred to as “us,” “we,” or “our”). This Privacy Policy relates to our information collection, use and disclosure practices on our websites, mobile applications and while providing our business services (collectively, “Services”). The creation of this Privacy Policy grows from our fundamental respect for your right to privacy and will serve to guide our relationship with you. We value the privacy and security of your “personal data,” which as used herein means any information relating to an identified or identifiable natural person. Information relating to our use of cookies and similar technologies is set out in our Cookie Policy, which forms part of the Privacy Policy. When we refer to the Privacy Policy, we are referring to the Privacy Policy and Cookie Policy.
HOW YOU ACCEPT THE TERMS AND UPDATES TO THE PRIVACY POLICY
You consent to and agree to be bound by this Privacy Policy by expressly accepting the terms of the Privacy Policy or by using our Services. From time to time, we will update this Privacy Policy as we adopt new practices and procedures related to your personal data. Any changes to this Privacy Policy will be placed on our websites and mobile applications and will supersede this version. If we make changes to this Privacy Policy, we will revise the “Last Updated and Effective Date” above. Your continued use of our Services following the posting of changes constitutes your acceptance of such changes. We encourage you to check back from time to time.
THE PERSONAL DATA WE COLLECT ABOUT YOU, THE REASON FOR THE COLLECTION, AND HOW WE COLLECT THE PERSONAL DATA
We may collect the following types of personal data from you when you use our Services, and describe below the reasons why and how we collect such personal data.
- Automatically From the Services. When you use the Services, we may automatically collect information about your equipment, browsing actions and patterns (“Technical Data”). We collect this Technical Data by using cookies and other similar technologies described more fully in our Cookie Policy. Technical Data may include you Internet Protocol (“IP”) address, device identifier data, the type of device you use, your operating system and version, the Uniform Resource Locator (“URL”) of our web pages that you visit, the URLs of referring and exiting pages, the pages you view, the time spent on a page, the number of clicks made, the platform type, and generalized, non-specific location data. We collect this information to communicate the content on our website to you, to recognize you, to learn more about the users of our website and their preferences, to customize and improve your experience on our website, for business and marketing purposes, and to administer and protect our business and website.
- Contact Information. You may voluntarily provide us certain contact information about yourself through forms on our website, through use of the Services , at in-person or virtual networking/marketing events or conferences, or if you contact our customer service. We may also collect your contact information from certain third parties, such as partners who may refer us new business and clients. The contact information we may collect includes name, company name, company website, email address, phone number and other information about the business. We collect this personal data so that we may respond to your requests or questions, provide a quote, demo or resources from our library, communicate with you about our Services, and/or address your customer service needs or concerns.
- Application Users. If you wish to use our mobile app, you may voluntarily provide us with your contact information, such as name, company name, phone number, address, email address, tax identification number, and other contact and business information. We use this information for the app.
- Partners. If you wish to partner with us for marketing and sales, you may voluntarily provide use your contact information, such as name, company name, phone number, address, email address, tax identification number, and other contact and business information. We collect this information so that we can contact you about becoming a partner, provide information regarding partnerships, address your questions or comments, and give you credit for providing us new business and clients.
- Drivers. As part of providing services to app customers, we may collect certain information from drivers, such as name, date of birth, address, phone number, email address, social security number, bank account number and other banking information, tax identification number, driver’s license number, passport number, signature and other identifiers and contact information. We collect this information to enter into agreements and other business relations in order for drivers to provide our Services to customers through the app.
- Customers. While providing our Services, we may collect certain information from customers, such as name, address, phone number, email address, credit card number and other identifiers and contact information. We collect this information to administer payments for services on the app.
- Services. As part of providing Services to drivers and customers, we may process personal data regarding their credit card holders, such as name, address, credit card number, and credit card expiration date. We collect credit card holders’ personal data, and other contact information and IP addresses, through mobile applications.
- Job Applicants. You may voluntarily provide us your contact information, such as name, phone number, email address, and other information if you are interested in applying for a position with our company. We collect this information so that we can follow-up with you regarding your interest in the position and provide more information regarding next steps in the job application process.
SHARING OF PERSONAL DATA WITH OTHERS
From time to time, we may need to share your personal data with others, as described below.
- Service Providers. We may share your personal data with service providers who perform various business functions for us, such as website design, sending email communications, fraud detection and prevention, cloud data storage, software and other technical services, marketing, customer care, payment processing, or performing analytics.
- Protecting Our Business and Others. We may share personal data when we believe it is appropriate to enforce or apply our Terms of Service and other agreements, or protect the rights, property, or safety of our business, our products and services, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and risk reduction. This does not include selling, renting, sharing, or otherwise disclosing personal data of our customers for commercial purposes.
- Legal. We may share your personal data if necessary to: (1) comply with domestic and foreign laws; (2) comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by domestic and foreign authorities; (3) cooperate with law enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate domestic or foreign laws; or (4) exercise or defend legal claims.
- Sale of Our Business. We may transfer to a third party personal data as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of our business.
- Non-Identifiable Data. We may share with others data that has been anonymized, de-identified, and/or aggregated. Such data is not considered personal data because it no longer identifies you nor is it reasonably capable of identifying you.
- With Your Consent. Other than as described above, we may share your personal data with others with your consent.
- Selling. We do not sell your personal information to third parties.
HOW WE PROTECT YOUR PERSONAL DATA
We have implemented and maintain reasonable security procedures and practices, and commercially reasonable technical and organizational measures, to ensure a level of security appropriate to the risk, to help protect your personal data from unauthorized access and exfiltration, theft, or disclosure. However, no security system is perfect. We will notify you if there is a breach of our security where required by law or deemed necessary.
RETENTION OF PERSONAL DATA
Your personal data will be retained for the time required to fulfil the purposes for which it was collected and processed, including for the purpose of satisfying legal, professional, contractual, regulatory, accounting or reporting obligations. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
“Do Not Track” (DNT) and Universal Opt-Out Preference Signals
Some web browsers (including Safari, Internet Explorer, Firefox, and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to web services that a visitor does not want to have their online activity and behavior tracked. If a web service operator elects to respond to a particular DNT signal, the web service operator may refrain from collecting certain personal information about the browser’s user. Not all browsers offer a DNT option and there is currently no industry consensus as to what constitutes a DNT signal. For these reasons, many web service operators, including us, do not proactively respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.
New standards are being developed for a Universal Opt-Out Mechanism, such as the Global Privacy Control (GPC), which allow users with GPC-enabled browsers and devices to send a signal that will communicate the user’s request to opt-out of sales of their personal information and to opt-out of certain sharing of their personal information. The CPRA and other laws allow for the acceptance of Opt-Out Preference Signals such as the GPC, as an option for users to transmit an Opt-Out of selling/sharing personal information. If we detect and recognize such a signal from your device or browser, we will honor it.
CHILDREN
Our website is not intended for or directed at children under the age of 16. In addition, we do not knowingly collect personal data from children under the age of 16. If a parent or guardian becomes aware that his or her child has provided us information without their consent, please contact us, as indicated in the “Contact Us” section below. Please include an indication that your request is related to a Children’s Online Privacy Protection Act inquiry. We will delete such information from our records within a reasonable time. If you use the Services on behalf of another person, regardless of age, you represent and warrant that you have authority to do so.
LINKS TO THIRD PARTY WEBSITES
Some portions of our website may contain links to other websites on the Internet that are neither under our control nor maintained by us. Such links do not constitute an endorsement by us of those other websites, the content displayed therein, or the persons or entities associated therewith. You acknowledge that we are providing these links to you only as a convenience, and you agree that we are not responsible for the content of such websites. Your use of these other linked websites is subject to the respective terms of use and privacy policies located on the linked websites.
NOTICE TO CALIFORNIA RESIDENTS
California residents may exercise certain privacy rights under the California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act (“CPRA”) regarding their personal information.
In the preceding 12 months, we collected and disclosed for a business purpose the following categories of personal information about California consumers:
Category
Examples
Collected?
Categories of Recipients
Identifiers
Name, address, e-mail address, IP address
Yes
i.e., Organizations providing services to us
Personal information categories listed in the California Customer Records statute
Name, professional-related information; and employment-related information
Yes
i.e., Organizations providing services to us
Protected classification characteristics under California or federal law
Name, age, citizenship, nationality, ancestry, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, proof of eligibility to work
No
i.e., Organizations providing services to us
Commercial information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
No
i.e., Organizations providing services to us
Internet or other similar network activity
Browsing history, search history, information on a consumer’s interaction with the us Services
No
i.e., Organizations providing services to us
Geolocation data
Location and movement data
No
i.e., Organizations providing services to us
Professional or employment-related information
Proof of eligibility to work, resumé, other professional-related information and employment-related information
No
i.e., Organizations providing services to us
Biometric information
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
No
i.e., Organizations providing services to us
Non-Public Education Information
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records
No
i.e., Organizations providing services to us
Inferences from the foregoing
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
No
i.e., Organizations providing services to us
Your Rights. If you are a California resident you may have the following rights under the CCPA/CPRA in relation to personal information we have collected about you, to the extent required by the CCPA/CPRA and subject to verification:
Right To Know/Access Personal Information Collected, Disclosed, or Sold
As a California resident, you may also have the right to request more information regarding the following topics for the preceding 12 months, to the extent applicable:
- The categories and specific pieces of personal information we have collected about you.
- The categories of sources from which we have collected your personal information.
- The business or commercial purpose why we collected or, if applicable, sold your personal information.
- The categories of third parties with whom we shared your personal information.
- The categories of personal information that we have shared with third parties about you for a business purpose.
- If applicable, the categories of personal information that we sold about you and the categories of third parties who received your personal information in the sale.
You may submit a request for the information above by emailing us at privacypolicy@onroute.app. Once you contact us, we will need to confirm your identity to process your request.
Right To Request Deletion Of Your Personal Information
You have the right to request that we delete the personal information we collected or maintained about you. Once we receive your request, we will let you know what, if any, personal information we can delete from our records, and we will direct any service providers with whom we shared your personal information to also delete your personal information from their records.
There may be circumstances where we cannot delete your personal information or direct service providers to delete your personal information from their records. Some of these instances include, but are not limited to, if we need to: (1) retain your personal information to complete a transaction, provide a good or service, fulfill the terms of a written warranty, or to perform under a contract between us; (2) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity; and (3) comply with the law.
You may submit a request for the information above by emailing us at privacypolicy@onroute.app. Once you contact us, we will need to confirm your identity to process your request.
Right to Opt-Out of the Sale of Personal Information
We do not sell your personal information to third parties. As such, there is no need to submit a request for us to not sell your personal information
Right to Non-Discrimination for the Exercise of Your Privacy Rights
We will not discriminate against you for exercising any of your rights under the CCPA, as described above.
Right to Correct
You have the right to request that we correct inaccurate personal information regarding the information you provide us.
Right to Restrict the Use of Sensitive Personal Information
You have the right to restrict the use of your sensitive personal information.
Right to Access Information on Automated Decision-Making
You have the right to access information collected through automated decision-making. Additionally, you can opt-out of our use of automated decision-making related to your personal information.
Authorized Agent
You may use an authorized agent to submit requests on your behalf to exercise the rights above. When contacting us through the methods above to exercise any of the CCPA rights, please indicate whether you are an authorized agent, and we will provide you instructions on how we will verify and process your request.
NOTICE TO EUROPEAN UNION RESIDENTS
Controller
Integra Capital Group, Inc. is the controller of the personal data handling practices described above, except for the personal data we process on behalf of merchants to provide our Services (e.g., credit card holder data). You can contact us below, as indicated in the “Contact Us” section.
European Union Data Subject Rights
Under the European Union’s General Data Protection Regulation (“GDPR”), European Union data subjects have the rights described below, under certain circumstances and grounds, with respect to the personal data that we collect and process as a controller.
- Right to obtain confirmation as to whether your personal data is being processed, access to your personal data, and information regarding the processing;
- Right to rectify inaccurate or incomplete personal data concerning you;
- Right to erasure of your personal data;
- Right to restrict processing of your personal data;
- Right to object to the processing of your personal data;
- Right to object to decision making based solely on automated processing;
- Right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller (i.e., “data portability”);
- Right to unsubscribe from marketing materials;
- Right to withdraw consent to any consent-based processing activities; and/or
- Right to lodge a complaint with relevant supervisory or other authorities.
To file a request or take action on one of your rights, please contact us as indicated in the “Contact Us” section below. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
This Privacy Policy does not create, extend or modify any of the foregoing rights under the GDPR.
Purpose of the Processing
Generally, we will process your personal data: (a) where we need to perform the contract we are about to enter into or have entered into with you; (b) where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests; and (c) where we need to comply with a legal or regulatory obligation. Please note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data. Please contact us, as indicated in the “Contact Us” section below, if you need details about the specific legal ground we are relying on to process your personal data under a given situation.
Consequences of Failing to Provide Personal Data
It is optional for you to provide us your personal data. However, if you do not provide us your personal data, you may not be able to receive some or all of our Services.
Special Categories of Personal Data
We ask that you do not disclose to us special categories of personal data (e.g., race or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic/biometric/health data, or information regarding your sex life or sexual orientation).
International Data Transfers
OnRoute Global, LLC has its headquarters in the United States. Information we collect from you will be processed in the United States. In the event that your personal data is transferred to processors outside of the European Economic Area (“EEA”), appropriate suitable safeguards or specific derogations recognized under data protection laws, including the GDPR, will be observed.
CONTACT US
If you have any questions regarding this Privacy Policy, please contact us by any of the following means:
By Email: privacypolicy@onroute.app
By Mail: OnRoute Global, LLC, 20 Pacifica, Suite 1250, Irvine, CA 92618
